Re: The false positive in McAfee GroupShield

[Juha-Matti Laurio <juha-matti.laurio () netti fi>]

Yeah, it was posted to the whole list pointing to this Firefox exploit:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3845

Let's hope McAfee guys are reading.

- Juha-Matti


rms () computerbytesman com wrote: 
> This warning is kind of funny.  I wonder what triggered the false positive
> in my original message.
>
> Richard
>
>
> > McAfee GroupShield™ Alert
> >
> > McAfee GroupShield discovered a problem with this email. If you do not
> > know the sender, it is probably a virus. If you do know the sender but
> > were not expecting an attachment from them or the subject or message
> > text "doesn't sound like something they would say," it is probably a
> > virus. Simply delete this message if you believe this message contains a
> > virus. Do not be alarmed that you got a virus-laden message--some people
> > are getting a dozen per day. Welcome to the club :-) Call the help desk
> > at x5ITC if you need further information.
> >
> > Date/Time sent: 09 Oct 2007 14:48:21
> > Subject line: Re: [funsec] Adobe confirms critical vulnerability after a
> > remarkable delay
> > From: funsec-bounces () linuxbox org
> > To: Juha-Matti Laurio
> > Action taken: Replaced
> > Reason: Anti-Virus
> > Rule Group:
> > Virus (if found): Exploit-CVE2007-3845
> > Quarantined file:
> > Filename:
> > Ticket: 10ac-470b-ccf5-0001
> >
> > _______________________________________________
> > Fun and Misc security discussion for OT posts.
> > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> > Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.